Cloud Platforms Require Stringent Cybersecurity: ISG
ISG presented key insights at the Meeting the Challenge of Modern Security Threats in the Cloud virtual event, emphasizing that 45% of cyber breaches in 2021 targeted cloud platforms. Expert Doug Saylors highlighted that many enterprises mistakenly believe that cloud adoption includes automatic risk management. He stressed the necessity for organizations to conduct cybersecurity assessments to identify vulnerabilities, especially since human error remains a major factor in breaches. The firm advocates for tailored cybersecurity strategies to enhance resilience and limit potential attacks.
- ISG emphasizes the importance of cloud security assessments to mitigate risks.
- Highlighted need for tailored cybersecurity strategies to enhance resilience.
- Many enterprises mistakenly believe cloud adoption ensures automatic risk management.
- Human error remains a significant driver of cyber breaches.
ISG expert outlines cloud assessments and cybersecurity strategies to protect cloud-based workloads during ITPro Today / InformationWeek virtual event
In a keynote address during Meeting the Challenge of Modern Security Threats in the Cloud, a virtual event hosted by IT Pro Today and InformationWeek,
“The most common error we see in large organizations is a belief that adopting cloud platforms automatically includes risk transference. In fact, this is rarely the case,” Saylors said. “Basic cloud capabilities like server images, storage, backup and containers all require the same protections as on-premises assets.”
Human error continues to be a main driver of cyber breaches, impacting enterprises through stolen credentials, phishing and misuse, Saylors said. Cloud assessments expose these weaknesses and allow organizations to mitigate them before attacks occur.
“Nearly half (45 percent) of cyber breaches in 2021 occurred through attacks on cloud platforms,” Saylors said. “Significant breaches, which were initiated through phishing attacks leading to compromised credentials, are case studies in the dangers of deploying cloud platforms and software-as-a-service (SaaS) platforms without a well-thought-out cybersecurity strategy and a cyber architecture built for the cloud.”
Organizations are rapidly moving to multi-cloud environments, driven by business demand and the need to optimize the cost of running workloads. Enterprises that regularly conduct cloud security assessments using third parties and industry-standard frameworks can limit potential attacks to very narrow cloud segments, he said.
“Unfortunately, cybersecurity is rarely engaged on the front end of cloud transformation programs,” Saylors said. “Cloud storage does not guarantee immutability. Chief Information Security Officers must ensure compliance with required cyber policies to limit risk to the organization.”
Saylors recommended enterprises tailor and conduct basic cybersecurity maturity assessments leveraging standard frameworks to provide an enterprise-wide view of cyber maturity. Organizations should also assess their resiliency, their cloud-specific operational maturity, their detailed technical environment, and quantify the risk of financial loss for critical assets.
Additional information and a replay of today’s session are available on the event website.
About ISG
ISG (
View source version on businesswire.com: https://www.businesswire.com/news/home/20221006005842/en/
Press Contacts:
+1 203 517 3119
will.thoretz@isg-one.com
+1 978 518 4520
isg@matternow.com
Source:
FAQ
What percentage of cyber breaches in 2021 involved cloud platforms according to ISG?
Who presented the keynote at the ITPro Today and InformationWeek virtual event?
What is a common misconception about cloud security mentioned by ISG?